-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3056-1 security@xxxxxxxxxx http://www.debian.org/security/ Sebastien Delafond October 26, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libtasn1-3 CVE ID : CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference. For the stable distribution (wheezy), these problems have been fixed in version 2.13-2+deb7u1. We recommend that you upgrade your libtasn1-3 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUTOxIAAoJEBDCk7bDfE42HbwP/0lo1FnzXxc6QN0rMUDXH53K 7hrYAf/N5W4onOFhxr0oJOc0pzXtkAEkOCl2a6l9S34cmWeszthLl93AXPDAWLRA 1eeZRUr/ZwUeVdeWDGdl2iY4sx22reSJhPj7mYlG7xiBL7YFAN9k43D3c/9NBfHN e0+Tf7PfzHnp7i0ej9OTId8iFDqxKRxyD8NiUGbfuGd8pmCUXmAFfHD3GFN+TCtL YD5QJYn7Go4b/9sWc6hY/q/3RKhrO+XTKUQysWmSP3ZNwD/d3XqCXRmrChUWZa5N RYymRiYEBBzadNg6o8xghOtMbVwrJ5IBpWOIn5wMN3ZnnDHNo/8XsjAMD1BevWkU BodlinL5CH43b4mB4suf0XK80dn43XGvmWWHBgGredlPD2HOLwMTBnwYss0tPSJx MIzmguEmTPXVAkc4uG8RWwvG9MmmOtE+jwQxOx2YlQ/dDruG2yAauv1UlyIDkR1p 6MJienbcRsJtnYYl9EtnPUXxvMPmKW9BtIHZk6BBoScXJPmHQS0jpsS5iedEpTG2 FOtppkDkabwEinZyeiXAMm1PpczjG+F45ezG500K5BUZCBAK5r1oUGLJoBYipbQR 4LMDXFWkCJQfHrCY9MJp+EYnR92uFpMxng40z9ZXvBO3pgpFjlqYLalK4UgDmGZ7 RiUrOCr1QVuUm4f2md3o =qxvv -----END PGP SIGNATURE-----
